<%@page import="java.net.URLEncoder"%>
<%@page import="java.net.URLDecoder"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<jsp:useBean id="database" scope="request" class="accessibleworldsdatabase.AccessibleWorldsDatabaseJavaBeans"/>
<jsp:useBean id="des" scope="request" class="accessibleworldsdes.AccessibleWorldsDESJavaBeans"/>
<jsp:useBean id="mail" scope="request" class="accessibleworldsmail.AccessibleWorldsMailJavaBeans"/>
<%try {

String accessCode = request.getParameter("accessCode");

if(!(accessCode==null || "".equals(accessCode))) {
	
    accessCode = des.decryptString(session.getId(), accessCode);
    accessCode = URLDecoder.decode(accessCode, "UTF-8");
	    
    if(des.getAndroidAccessCode().equals(accessCode) || des.getComputerAccessCode().equals(accessCode)) {
    	
    	String userID = request.getParameter("userID");
    	String oldEmail = request.getParameter("oldEmail");
    	String newEmail = request.getParameter("newEmail");
        String password = request.getParameter("password");
        String lastName = request.getParameter("lastName");
        String firstName = request.getParameter("firstName");
        String birthday = request.getParameter("birthday");
        

        if(!(userID==null ||"".equals(userID) || oldEmail==null ||"".equals(oldEmail) ||
        	newEmail==null ||"".equals(newEmail) || password==null ||"".equals(password) ||
    		lastName==null || "".equals(lastName) || firstName==null ||"".equals(firstName) ||
            birthday==null || "".equals(birthday))) {
			
        	userID = des.decryptString(session.getId(), userID);
        	oldEmail = des.decryptString(session.getId(), oldEmail);
        	newEmail = des.decryptString(session.getId(), newEmail);
            password = des.decryptString(session.getId(), password);
            lastName = des.decryptString(session.getId(), lastName);
            firstName = des.decryptString(session.getId(), firstName);
            birthday = des.decryptString(session.getId(), birthday);
            
            userID = URLDecoder.decode(userID, "UTF-8");
            oldEmail = URLDecoder.decode(oldEmail, "UTF-8");
            newEmail = URLDecoder.decode(newEmail, "UTF-8");
            password = URLDecoder.decode(password, "UTF-8");
            lastName = URLDecoder.decode(lastName, "UTF-8");
            firstName = URLDecoder.decode(firstName, "UTF-8");
            birthday = URLDecoder.decode(birthday, "UTF-8");

            database.connect(des.decryptString(des.getServiceSecretKey(), database.getEncryptedPassword()));

            if(oldEmail.equals(newEmail)) {
            	
                String SQL =
               	"UPDATE Users"+
               		" SET"+
               			" password = \""+password+"\""+
               			",lastName = \""+lastName+"\""+
               			",firstName = \""+firstName+"\""+
               			",birthday = \""+birthday+"\""+
               		" WHERE"+
                		" user_id ="+userID;
                
                database.updateSQL(SQL);

                String output = URLEncoder.encode("OK","UTF-8");
                
                output = des.encryptString(session.getId(),output);
                out.print(output);
            }
            else {
            	
            	String SQL =
            	"UPDATE Users"+
            		" SET"+
            			" email = \""+newEmail+"\""+
            			",password = \""+password+"\""+
            			",lastName = \""+lastName+"\""+
            			",firstName = \""+firstName+"\""+
            			",birthday = \""+birthday+"\""+
            		" WHERE"+
            			" user_id ="+userID;
            	
                database.updateSQL(SQL);
                
                String validationCode = newEmail;
                validationCode = URLEncoder.encode(validationCode, "UTF-8");
                validationCode = des.encryptString(des.getServiceSecretKey(), validationCode);
    			
                String url = getServletContext().getInitParameter("validationAddress");
                url = url + "?accessCode="+URLEncoder.encode(des.getEmailAccessCode(), "UTF-8");
                url = url + "&email="+URLEncoder.encode(newEmail, "UTF-8");
                url = url + "&validationCode="+URLEncoder.encode(validationCode+"", "UTF-8");
                
                mail.sendMail(des.decryptString(des.getServiceSecretKey(), mail.getEncryptedSenderMailPassword()),newEmail, "Activation Mail", url, null);
    			
                String output = URLEncoder.encode("OK","UTF-8");
                
                output = des.encryptString(session.getId(),output);
                out.print(output);
            }

            database.closeConnection();
       }
    }
}
} catch (Exception ex) {}%>